SELinks
End-to-end Security for Web Applications
 
Overview
We have been exploring ways in which a programming language can be used to ensure that web applications correctly enforce their security policies. Prior work has focused on the enforcement of information flow policies. We aim to go beyond this.

So far, we have developed a core programming calculus in which a wide range of policies, including access control, data provenance tracking, stateful information disclosure policies, and various forms of information flow policies can all be reliably enforced. Some of these ideas have been implemented in a language we call "Security-Enhanced Links," an extension of the Links web programming language.

We have used SELinks to build two secure web applications. Our experience indicates that it is relatively easy to use SELinks to ensure that an application correctly enforces several common policies.

 
Software
The initial release of SELinks is available:

Our largest example of a SELinks program is SEWiki. This is a secure online document management system that enforces a fine-grained access control policy on each document, and even on fragments of documents. We also use SELinks to accurately track provenance information in SEWiki, such as the edit history of each document. You can experiment with SEWiki here.

 
Papers
Cross-tier, Label-based Security Enforcement for Web Applications
Brian J. Corcoran, Nikhil Swamy, and Michael Hicks
In Proceedings of the ACM SIGMOD International Conference on Management of Data, June 2009.

Fable: A Language for Enforcing User-defined Security Policies
Nikhil Swamy, Brian J. Corcoran, and Michael Hicks
In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), May 2008.

Verified Enforcement of Stateful Information Release Policies
Nikhil Swamy and Michael Hicks
In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, June 2008.
(One of two best papers; selected for publication in SIGPLAN Notices.)

Combining Provenance and Security Policies in a Web-based Document Management System
Brian J. Corcoran, Nikhil Swamy, and Michael Hicks
In On-line Proceedings of the Workshop on Principles of Provenance (PrOPr), November 2007. http://homepages.inf.ed.ac.uk/jcheney/propr/.

Verified Enforcement of Security Policies for Cross-Domain Information Flows
Nikhil Swamy, Michael Hicks, and Simon Tsang
In Proceedings of the 2007 Military Communications Conference (MILCOM), October 2007.

 
People
Brian J. Corcoran, Michael Hicks, Nikhil Swamy, Simon Tsang



This document is prepared through collaborative participation in the Communications and Networks Consortium sponsored by the U. S. Army Research Laboratory under the Collaborative Technology Alliance Program, Cooperative Agreement DAAD19-01-2-0011. The U. S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation thereon.

This material is based upon work supported by the National Science Foundation under Grant No. CCF-0524036, Collaborative Research: CT-T: Flexible, Decentralized Information-flow Control for Dynamic Environments. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).

The views expressed here do not necessarily represent those of our funding sources.